Nationally Recognized Computer Security Expert to Give Two Public Lectures at Colorado State University

Viruses, identity theft and concerns with cyber terrorism are all on the rise, seriously compromising the security of information systems. Additionally, Internet server break-ins, defacements of Web pages and self-propagating malicious codes continue to multiply. A nationally recognized computer security expert will address possible solutions to these computer security problems at two public lectures at Colorado State University on Nov. 4.

Eugene Spafford, professor of computer sciences at Purdue University and director of the Center for Education and Research in Information Assurance, will give two presentations on Monday. The first lecture, "Myths, Fads and False Economies: How NOT to Get Secure Systems," will be at 10 a.m. in Room 230 of the Lory Student Center. The second seminar, "ESP and Poly2: Challenging the Conventional Wisdom," will begin at 4:10 p.m. in the President’s Room in Ammons Hall. Both events are free and open to the public. Informal receptions will be held after each talk.

According to Spafford, "If you believe that using strong cryptography provides good security, that open source is more secure than proprietary code, that the next release will be more secure than the current code, that full disclosure prevents break-ins or that better firewalls are the answer, then you have fallen victim to the myths."

The CSU Information Science and Technology Center is sponsoring Spafford’s morning ISTeC Distinguished Lecture. The afternoon seminar, the Department of Computer Science’s

Distinguished BMAC Lecture for Fall 2002, is co-sponsored by computer science and ISTeC. ISTeC is a universitywide organization for promoting, facilitating and enhancing CSU’s research, education and outreach activities pertaining to the design and innovative application of computer, communication and information systems.

Spafford, also a professor of philosophy at Purdue, is a Fellow of the Association for Computing Machinery, Fellow of the American Association for the Advancement of Science, Fellow of the Institute of Electrical and Electronics Engineers and is a charter recipient of the Computer Society’s Golden Core award. He has written and been cited extensively about information security, software engineering and professional ethics.

Among his many professional honors, Spafford was the 2000 recipient of the NIST/NCSC National Computer Systems Security Award, generally regarded as the field’s most significant honor in information security research. His many activities include serving as co-chairman of the Association of Computer Machinery’s U.S. Public Policy Committee and of its Advisory Committee on Computer Security and Privacy, member of the U.S. Air Force Scientific Advisory Board and academic editor of the journal Computers and Security.

In 2001, Spafford received Purdue’s two highest honors for teaching, the Outstanding Undergraduate Teaching Award and being named as a Fellow of the Purdue Teaching Academy. For more information about Spafford, visit the Web at

For more information about Spafford’s presentations at Colorado State, contact the computer science department at (970) 491-5862.